How can I enforce a S3 policy to let only signed URL get objects

0 votes

I can generate my signed urls the AWS-SDK node package, and I could confirm they work when my bucket is set as public.

However, I can't find where I can set the parameters mentioned here:

Restrict Bucket Access : Yes

Origin Access Identity : Use an Existing Identity

Restrict Viewer Access(Use Signed URLs) : Yes

Trusted Signers : Self

I do not use Cloudfront and it looks like Cloudfront specifics

Is there any way to set these up (or produce an equivalent behavior) using S3 only? i.e. bucket private by default, only urls signed by one of my IAM users can be served.

Oct 5, 2018 in AWS by eatcodesleeprepeat
• 4,710 points
3,280 views

1 answer to this question.

0 votes

You don't need to make a bucket public in order for signed URLs to work. That would entirely defeat the purpose of signed URLs.

and Make sure the IAM user that you are using to generate the pre-signed URL has permissions to read from the bucket.

answered Oct 5, 2018 by Priyaj
• 58,090 points

Related Questions In AWS

0 votes
1 answer
+1 vote
4 answers

Can a URL be directly uploaded to S3 using POST?

You can read this blog and get ...READ MORE

answered Oct 25, 2018 in AWS by chamunda
2,704 views
0 votes
1 answer

How do I write an S3 Object to a file?

While IOUtils.copy() and IOUtils.copyLarge() are great, I would prefer the old ...READ MORE

answered Jul 13, 2018 in AWS by Hammer
• 360 points
4,150 views
0 votes
1 answer
0 votes
1 answer

AWS S3 uploading hidden files by default

versioning is enabled in your bucket. docs.aws.amazon.com/AmazonS3/latest/user-guide/….... the ...READ MORE

answered Oct 4, 2018 in AWS by Priyaj
• 58,090 points
5,388 views
–1 vote
1 answer

How to decrypt the encrypted S3 file using aws-encryption-cli --decrypt

Use command : aws s3 presign s3://mybucket/abc_count.png you get ...READ MORE

answered Oct 22, 2018 in AWS by Priyaj
• 58,090 points
4,828 views
0 votes
1 answer

Import my AWS credentials using python script

Using AWS Cli  Configure your IAM user then ...READ MORE

answered Nov 16, 2018 in AWS by Jino
• 5,810 points
2,558 views
0 votes
2 answers
0 votes
1 answer

How can I get current date in a CloudFormation script?

There was a similar question asked on ...READ MORE

answered Aug 29, 2018 in AWS by Priyaj
• 58,090 points
8,186 views
0 votes
1 answer

How to create a CloudFormation only AWS policy

The easiest way to achieve what you're ...READ MORE

answered Sep 26, 2018 in AWS by Priyaj
• 58,090 points
1,762 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP